289
18
ATRiM for Critical
Infrastructure Protection
Gregory Saville
Is it possible to prepare adequately for terror attacks? There is obvious benet to assembling
important agencies to coordinate responses during the rst critical moments of an attack. Most emer-
gency plans dedicate a signicant portion of their content to responses. The sad fact of those plans is
that they prepare for responding during or after the attack has already happened. By denition, the
emergency response is NOT an act of prevention or mitigation of the crime and terror. In truth, there
are very few critical infrastructure protection models available for antiterrorism prevention.
This chapter describes the recent development of one such model—ATRiM, the Antiterror Risk
Infrastructure Protection Model—a new computerized critical infrastructure protection system that
combines the proven prevention strategies of CPTED and environmental security with the training
and software package of modern technology. In terms of the risk-assessment process described in
Chapters 11 through 14, ATRiM completes the vulnerability and asset analysis portion of the secu-
rity review process.
Unlike prevention of crime, prevention of terror events is relatively new. Critical infrastructure
in this chapter refers to nonmilitary infrastructure. That is because military security systems, such
as simulations for blast effects and chemical plume dispersion models, are rarely shared with the
public. This is in spite of the fact that almost 80% of all critical infrastructures are owned and oper-
ated by public, nonmilitary sources.
Critical infrastructures present some unique vulnerability challenges such as cascading and escalat-
ing failures. Cascading occurs when attacking one target cascades to affect other similarinfrastructures.
CONTENTS
Lessons from the Past ....................................................................................................................290
A Critical Infrastructure Protection Plan .......................................................................................290
Introduction to the Problem ........................................................................................................... 291
Critical Infrastructure and Terrorism .............................................................................................292
Do We Know What Kind of Attacks Terrorists Will Use? ........................................................ 292
ATRiM’s Audit Process..................................................................................................................293
Beyond Checklists .....................................................................................................................293
Documenting Data within Each Cell.........................................................................................294
Audit Process ............................................................................................................................294
Primary and Secondary Audit Teams ........................................................................................ 295
Applying the Matrix Cells during the Audit Process ................................................................297
Planning Process ............................................................................................................................297
Phase 1: Asset Identication and Vulnerabilities ......................................................................297
Phase 2: The Audit ....................................................................................................................297
Phase 3: Implementation ........................................................................................................... 298
Summary ........................................................................................................................................ 298
References ......................................................................................................................................298

Get 21st Century Security and CPTED, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.